Publicité CID

charlotteeeee Messages postés 10 Statut Membre -  
 Utilisateur anonyme -
Bonjour,

J'aimerai que quelqu'un m'aide à enlever ses pubs CID qui s'affichent regulierement quand je me connecte. Ca devient vraiment genant!

Merci d'avance
Configuration: Windows XP
Internet Explorer 6.0

10 réponses

  1. Utilisateur anonyme
     
    Salut ,

    → Télécharge LOP S&D sur ton bureau.

    Ton Anti-virus risque de gueuler pendant la procédure , ne t'inquiète pas. Désactive-le si necessaire.

    → Ensuite double clique sur LopSD.exe pour lancer l'installation. Accepte le contrat de license.

    Un message va t'informer que le repertoire n'existe pas , répond ' oui ' à la question qui s'en suit.

    → Maintenant double clique sur Lop S&D ( raccourci Lop S&D présent sur le bureau).

    Au menu principal, choisis l'option 1

    --- Le programme va travailler ---

    En fin d'analyse un rapport va apparaître , copie-en le contenu dans ta prochaine réponse.

    ( rapport sauvegardé aussi dans C:\lopR.txt )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    /!\ Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet Fichier , Nouvelle tâche , tape explorer.exe et valide) /!\

    Tutorial ( aide ) : http://bibou0007.com/outils-specifiques-f78/tuto-lop-sd-t956.htm

    A+
    0
  2. charlotteeeee Messages postés 10 Statut Membre
     
    merci de ton aide

    -----------------------[ Lop S&D 4.2.2-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : charlotte ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 11/07/2008 | 15:09:40,78 ] [ PC : YOUR-CE899BE174 ]
    [ MAJ : 09-07-2008 | 21:02 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

    [27/06/2008|23:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    [12/04/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/04/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [03/04/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [11/07/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [28/01/2007|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/12/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [03/04/2007|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [23/12/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [03/04/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [05/11/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [25/11/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [14/05/2008|17:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
    [31/03/2007|20:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
    [12/07/2007|00:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\Apple Computer
    [30/01/2008|16:05] C:\DOCUME~1\CHARLO~1\APPLIC~1\Dealio
    [25/09/2006|14:53] C:\DOCUME~1\CHARLO~1\APPLIC~1\desktop.ini
    [08/04/2007|13:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\DivX
    [27/06/2008|23:12] C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
    [15/10/2007|20:19] C:\DOCUME~1\CHARLO~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [05/04/2007|16:28] C:\DOCUME~1\CHARLO~1\APPLIC~1\Google
    [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
    [26/06/2007|22:16] C:\DOCUME~1\CHARLO~1\APPLIC~1\InterVideo
    [28/01/2007|13:56] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
    [13/02/2008|13:17] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
    [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
    [30/04/2008|10:50] C:\DOCUME~1\CHARLO~1\APPLIC~1\Search Settings
    [26/06/2007|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
    [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Talkback
    [02/12/2006|15:09] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
    [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\toshiba
    [17/12/2007|17:37] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
    [14/05/2008|23:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\WinRAR
    [22/04/2008|21:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\wklnhst.dat
    [25/11/2007|21:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Yahoo!

    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [11/07/2008 15:00][--ah-----] C:\WINDOWS\tasks\A826917A9189061A.job
    [14/05/2008 11:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [11/07/2008 15:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A826917A9189061A.job <--> c:\docume~1\charlo~1\applic~1\funkhe~1\activewindowtool.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [12/04/2008|12:33] C:\Program Files\Adobe
    [20/02/2008|11:49] C:\Program Files\Alwil Software
    [11/10/2006|01:49] C:\Program Files\Apoint2K
    [05/04/2007|14:51] C:\Program Files\Apple Software Update
    [01/12/2006|15:43] C:\Program Files\Atheros
    [11/10/2006|01:50] C:\Program Files\ATI Technologies
    [11/10/2006|01:50] C:\Program Files\Common Files
    [25/09/2006|12:59] C:\Program Files\ComPlus Applications
    [30/01/2008|16:02] C:\Program Files\Dealio
    [22/10/2007|13:08] C:\Program Files\DivX
    [05/06/2008|11:37] C:\Program Files\eMule
    [23/12/2007|21:11] C:\Program Files\Fichiers communs
    [30/01/2008|16:48] C:\Program Files\Free Easy Burner
    [27/06/2008|23:10] C:\Program Files\Funk Heck Okay
    [27/09/2006|01:49] C:\Program Files\GemMasterFrench
    [03/04/2007|20:56] C:\Program Files\Google
    [19/01/2008|01:17] C:\Program Files\InstallShield Installation Information
    [12/06/2008|11:48] C:\Program Files\Internet Explorer
    [11/10/2006|01:53] C:\Program Files\InterVideo
    [11/10/2006|01:54] C:\Program Files\Java
    [06/11/2007|14:47] C:\Program Files\JoWood
    [11/10/2006|01:54] C:\Program Files\ltmoh
    [11/10/2006|01:54] C:\Program Files\Messenger
    [06/11/2007|11:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
    [11/10/2006|01:56] C:\Program Files\microsoft frontpage
    [11/10/2006|01:57] C:\Program Files\Microsoft Office
    [11/10/2006|01:59] C:\Program Files\Microsoft Works
    [11/10/2006|01:59] C:\Program Files\Microsoft.NET
    [11/10/2006|01:59] C:\Program Files\Movie Maker
    [11/07/2008|14:36] C:\Program Files\Mozilla Firefox
    [11/10/2006|01:59] C:\Program Files\MSN
    [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
    [01/04/2008|15:20] C:\Program Files\MSN Messenger
    [11/02/2007|16:20] C:\Program Files\MSXML 4.0
    [11/10/2006|01:59] C:\Program Files\NetMeeting
    [11/02/2007|17:08] C:\Program Files\Offre Wanadoo
    [11/10/2006|02:00] C:\Program Files\Online Services
    [17/06/2007|01:06] C:\Program Files\Outlook Express
    [05/04/2008|13:54] C:\Program Files\PhotoFiltre
    [15/04/2008|18:59] C:\Program Files\Picasa2
    [05/04/2007|14:54] C:\Program Files\QuickTime
    [11/10/2006|02:00] C:\Program Files\Realtek
    [28/01/2007|13:43] C:\Program Files\SAGEM
    [30/01/2008|16:03] C:\Program Files\Search Settings
    [11/10/2006|02:00] C:\Program Files\Services en ligne
    [25/03/2007|22:02] C:\Program Files\SLD Codec Pack
    [23/12/2007|18:37] C:\Program Files\Spybot - Search & Destroy
    [03/04/2007|14:39] C:\Program Files\Symantec
    [11/10/2006|02:01] C:\Program Files\TOSHIBA
    [27/09/2006|06:03] C:\Program Files\Uninstall Information
    [06/09/2007|13:51] C:\Program Files\Univ-Tchat
    [26/06/2008|16:16] C:\Program Files\Winamp
    [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
    [28/06/2008|00:07] C:\Program Files\Windows Live
    [11/02/2007|16:27] C:\Program Files\Windows Media Player
    [11/10/2006|02:01] C:\Program Files\Windows NT
    [11/10/2006|02:01] C:\Program Files\Windows Plus
    [25/09/2006|13:00] C:\Program Files\WindowsUpdate
    [14/05/2008|23:11] C:\Program Files\WinRAR
    [11/10/2006|02:01] C:\Program Files\X10 Hardware
    [11/10/2006|02:01] C:\Program Files\xerox
    [25/11/2007|21:14] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [12/04/2008|12:35] C:\Program Files\Fichiers communs\Adobe
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\DESIGNER
    [11/10/2007|18:34] C:\Program Files\Fichiers communs\InstallShield
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
    [06/06/2008|06:47] C:\Program Files\Fichiers communs\Microsoft Shared
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
    [19/02/2008|21:10] C:\Program Files\Fichiers communs\Symantec Shared
    [17/06/2007|01:06] C:\Program Files\Fichiers communs\System

    ---------------------------[ Process ]--------------------------

    ... 68

    IEXPLORE.EXE ~ [3808]
    IEXPLORE.EXE ~ [2408]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp\bis1.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\AXIS CASH.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\DASH LOAD.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\activewindowtool.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\ckjkcvqt.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\eijetwhn.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\fynbigrs.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Hold base.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Internetownsdoglink.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\qggymmfa.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\vmeychgw.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\whnqkqqu.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\zrebdieo.exe
    C:\Program Files\Funk Heck Okay
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\activewindowtool.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\ckjkcvqt.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\eijetwhn.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\fynbigrs.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\Hold base.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\Internetownsdoglink.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\qggymmfa.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\vmeychgw.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\whnqkqqu.exe
    C:\DOCUME~1\CHARLO~1\APPLIC~1\funkhe~1\zrebdieo.exe
    C:\Program Files\funkhe~1
    C:\WINDOWS\Prefetch\AXIS CASH.EXE-0C690093.pf
    C:\WINDOWS\Prefetch\DASH LOAD.EXE-3A3402EF.pf
    C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-3A954356.pf
    C:\WINDOWS\Prefetch\CKJKCVQT.EXE-17E9F38D.pf
    C:\WINDOWS\Prefetch\HOLD BASE.EXE-2EFADE54.pf
    C:\WINDOWS\Prefetch\QGGYMMFA.EXE-2454FCBD.pf
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.adserver5[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adin.bigpoint[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@bigpoint[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.darkorbit.bigpoint[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.cotedazurpalace[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cotedazurpalace[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adopt.euroclick[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@pacificpoker[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partygaming.122.2o7[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partypoker[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@32vegas[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.32vegas[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@2xmoinscher[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cc.2xmoinscher[1].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.2xmoinscher[2].txt
    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@linternaute[1].txt
    C:\WINDOWS\Tasks\A826917A9189061A.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "the load"="C:\\DOCUME~1\\CHARLO~1\\APPLIC~1\\FUNKHE~1\\Hold base.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "1 mags 16 more"="C:\\Documents and Settings\\All Users\\Application Data\\Admin Inter 1 Mags\\DASH LOAD.exe"

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
    127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
    127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
    127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
    127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
    127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
    127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

    -> 7744 ( 70 ## added by CiD )

    /!\ 1 Not 127.0.0.1 !!

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-11 15:11:17
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    [F:4128][D:302]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp
    [F:1491][D:0]-> C:\DOCUME~1\CHARLO~1\Cookies
    [F:13][D:5]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 15:13:01,04 ]----------------------
    0
  3. Utilisateur anonyme
     
    Re ,

    Relance Lop S&D

    > option2 ( suppression )

    Et poste le rapport obtenu.

    ( rapport situé dans C:\lopR.txt )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    *****************************************

    → Télécharge TrendMicro™ HijackThis™

    → Enregistre HJTInstall.exe sur ton bureau.

    → Double-clique sur HJTInstall.exe pour lancer le programme

    (!) Par défaut, il s'installera là :
    C:\Program Files\Trend Micro\HijackThis

    → Accepte la license en cliquant sur le bouton "I Accept"

    Ferme Hijackthis en cliquant sur la croix-rouge.

    → Télécharge sur ton bureau DSS (ex Comboscan) de Deckard:

    (choisis enregistrer, puis Bureau comme emplacement)

    Ferme toutes les applications en cours.

    → Double-clic sur DSS.exe pour lancer l'outil.

    → Une fenêtre s'ouvre, invitant à fermer toutes les applications, clique sur OK.

    → A la fin de l'analyse, une fenêtre s'ouvre, clique sur OK.

    Le rapport main.txt va s'afficher, copie le dans ta prochaine réponse.
    Si un rapport complémentaire a été créé ( extra.txt ), poste le aussi dans ta réponse.

    Les rapports sont ici :
    (!) C:\Deckard\System Scanner\main.txt
    (!) C:\Deckard\System Scanner\extra.txt

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    A++
    0
  4. charlotteeeee Messages postés 10 Statut Membre
     
    encore merci!!!
    est ce que tu peux m'expliquer d'ou ca vient??

    -----------------------[ Lop S&D 4.2.2-1 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : charlotte ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 11/07/2008 | 23:05:28,32 ] [ PC : YOUR-CE899BE174 ]
    [ MAJ : 09-07-2008 | 21:02 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\AXIS CASH.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\DASH LOAD.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\activewindowtool.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\ckjkcvqt.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\eijetwhn.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\fynbigrs.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Hold base.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\Internetownsdoglink.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\qggymmfa.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\vmeychgw.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\whnqkqqu.exe
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay\zrebdieo.exe
    Supprime! - C:\WINDOWS\Prefetch\AXIS CASH.EXE-0C690093.pf
    Supprime! - C:\WINDOWS\Prefetch\DASH LOAD.EXE-3A3402EF.pf
    Supprime! - C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-3A954356.pf
    Supprime! - C:\WINDOWS\Prefetch\CKJKCVQT.EXE-17E9F38D.pf
    Supprime! - C:\WINDOWS\Prefetch\HOLD BASE.EXE-2EFADE54.pf
    Supprime! - C:\WINDOWS\Prefetch\QGGYMMFA.EXE-2454FCBD.pf
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.adserver5[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adin.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@bigpoint[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.darkorbit.bigpoint[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@fr1.seafight.bigpoint[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cotedazurpalace[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@adopt.euroclick[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partygaming.122.2o7[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@partypoker[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@32vegas[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@banner.32vegas[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@cc.2xmoinscher[1].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@www.2xmoinscher[2].txt
    Supprime! - C:\DOCUME~1\CHARLO~1\Cookies\charlotte@linternaute[1].txt
    Supprime! - C:\WINDOWS\Tasks\A826917A9189061A.job
    Supprime! - C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp\bis1.exe
    Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Funk Heck Okay
    Supprime! - C:\Program Files\Funk Heck Okay
    RestaurÚ! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    Supprime! - C:\Program Files\Dealio
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Dealio
    Supprime! - C:\Program Files\Search Settings
    Supprime! - C:\DOCUME~1\CHARLO~1\APPLIC~1\Search Settings

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

    -------------[ Listing des dossiers dans APPLIC~1 ]------------

    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

    [12/04/2008|12:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [05/04/2007|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [03/04/2007|20:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [11/07/2008|13:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
    [28/01/2007|16:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [23/12/2007|19:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [03/04/2007|14:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [23/12/2007|18:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [03/04/2007|13:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [05/11/2007|17:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [25/11/2007|21:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [14/05/2008|17:58] C:\DOCUME~1\CHARLO~1\APPLIC~1\Adobe
    [31/03/2007|20:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\AdobeUM
    [12/07/2007|00:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\Apple Computer
    [25/09/2006|14:53] C:\DOCUME~1\CHARLO~1\APPLIC~1\desktop.ini
    [08/04/2007|13:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\DivX
    [15/10/2007|20:19] C:\DOCUME~1\CHARLO~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [05/04/2007|16:28] C:\DOCUME~1\CHARLO~1\APPLIC~1\Google
    [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\Identities
    [26/06/2007|22:16] C:\DOCUME~1\CHARLO~1\APPLIC~1\InterVideo
    [28/01/2007|13:56] C:\DOCUME~1\CHARLO~1\APPLIC~1\Macromedia
    [13/02/2008|13:17] C:\DOCUME~1\CHARLO~1\APPLIC~1\Microsoft
    [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Mozilla
    [26/06/2007|15:42] C:\DOCUME~1\CHARLO~1\APPLIC~1\Sun
    [30/04/2008|10:49] C:\DOCUME~1\CHARLO~1\APPLIC~1\Talkback
    [02/12/2006|15:09] C:\DOCUME~1\CHARLO~1\APPLIC~1\Template
    [11/10/2006|01:30] C:\DOCUME~1\CHARLO~1\APPLIC~1\toshiba
    [17/12/2007|17:37] C:\DOCUME~1\CHARLO~1\APPLIC~1\U3
    [14/05/2008|23:11] C:\DOCUME~1\CHARLO~1\APPLIC~1\WinRAR
    [22/04/2008|21:32] C:\DOCUME~1\CHARLO~1\APPLIC~1\wklnhst.dat
    [25/11/2007|21:15] C:\DOCUME~1\CHARLO~1\APPLIC~1\Yahoo!

    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [14/05/2008 11:50][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [11/07/2008 15:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [12/04/2008|12:33] C:\Program Files\Adobe
    [20/02/2008|11:49] C:\Program Files\Alwil Software
    [11/10/2006|01:49] C:\Program Files\Apoint2K
    [05/04/2007|14:51] C:\Program Files\Apple Software Update
    [01/12/2006|15:43] C:\Program Files\Atheros
    [11/10/2006|01:50] C:\Program Files\ATI Technologies
    [11/10/2006|01:50] C:\Program Files\Common Files
    [25/09/2006|12:59] C:\Program Files\ComPlus Applications
    [22/10/2007|13:08] C:\Program Files\DivX
    [05/06/2008|11:37] C:\Program Files\eMule
    [23/12/2007|21:11] C:\Program Files\Fichiers communs
    [30/01/2008|16:48] C:\Program Files\Free Easy Burner
    [27/09/2006|01:49] C:\Program Files\GemMasterFrench
    [03/04/2007|20:56] C:\Program Files\Google
    [19/01/2008|01:17] C:\Program Files\InstallShield Installation Information
    [12/06/2008|11:48] C:\Program Files\Internet Explorer
    [11/10/2006|01:53] C:\Program Files\InterVideo
    [11/10/2006|01:54] C:\Program Files\Java
    [06/11/2007|14:47] C:\Program Files\JoWood
    [11/10/2006|01:54] C:\Program Files\ltmoh
    [11/10/2006|01:54] C:\Program Files\Messenger
    [06/11/2007|11:47] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
    [11/10/2006|01:56] C:\Program Files\microsoft frontpage
    [11/10/2006|01:57] C:\Program Files\Microsoft Office
    [11/10/2006|01:59] C:\Program Files\Microsoft Works
    [11/10/2006|01:59] C:\Program Files\Microsoft.NET
    [11/10/2006|01:59] C:\Program Files\Movie Maker
    [11/07/2008|14:36] C:\Program Files\Mozilla Firefox
    [11/10/2006|01:59] C:\Program Files\MSN
    [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
    [01/04/2008|15:20] C:\Program Files\MSN Messenger
    [11/02/2007|16:20] C:\Program Files\MSXML 4.0
    [11/10/2006|01:59] C:\Program Files\NetMeeting
    [11/02/2007|17:08] C:\Program Files\Offre Wanadoo
    [11/10/2006|02:00] C:\Program Files\Online Services
    [17/06/2007|01:06] C:\Program Files\Outlook Express
    [05/04/2008|13:54] C:\Program Files\PhotoFiltre
    [15/04/2008|18:59] C:\Program Files\Picasa2
    [05/04/2007|14:54] C:\Program Files\QuickTime
    [11/10/2006|02:00] C:\Program Files\Realtek
    [28/01/2007|13:43] C:\Program Files\SAGEM
    [11/10/2006|02:00] C:\Program Files\Services en ligne
    [25/03/2007|22:02] C:\Program Files\SLD Codec Pack
    [23/12/2007|18:37] C:\Program Files\Spybot - Search & Destroy
    [03/04/2007|14:39] C:\Program Files\Symantec
    [11/10/2006|02:01] C:\Program Files\TOSHIBA
    [27/09/2006|06:03] C:\Program Files\Uninstall Information
    [06/09/2007|13:51] C:\Program Files\Univ-Tchat
    [26/06/2008|16:16] C:\Program Files\Winamp
    [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
    [28/06/2008|00:07] C:\Program Files\Windows Live
    [11/02/2007|16:27] C:\Program Files\Windows Media Player
    [11/10/2006|02:01] C:\Program Files\Windows NT
    [11/10/2006|02:01] C:\Program Files\Windows Plus
    [25/09/2006|13:00] C:\Program Files\WindowsUpdate
    [14/05/2008|23:11] C:\Program Files\WinRAR
    [11/10/2006|02:01] C:\Program Files\X10 Hardware
    [11/10/2006|02:01] C:\Program Files\xerox
    [25/11/2007|21:14] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [12/04/2008|12:35] C:\Program Files\Fichiers communs\Adobe
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\DESIGNER
    [11/10/2007|18:34] C:\Program Files\Fichiers communs\InstallShield
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
    [06/06/2008|06:47] C:\Program Files\Fichiers communs\Microsoft Shared
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
    [19/02/2008|21:10] C:\Program Files\Fichiers communs\Symantec Shared
    [17/06/2007|01:06] C:\Program Files\Fichiers communs\System

    ---------------------------[ Process ]--------------------------

    ... 65

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\CHARLO~1\Cookies\charlotte@pacificpoker[2].txt

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-07-11 23:07:11
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    Aucune autre infection trouvée !

    [F:4129][D:302]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\Temp
    [F:1476][D:0]-> C:\DOCUME~1\CHARLO~1\Cookies
    [F:434][D:5]-> C:\DOCUME~1\CHARLO~1\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 23:07:46,82 ]----------------------
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. charlotteeeee Messages postés 10 Statut Membre
     
    je t 'envoie les rapports de dss :

    Deckard's System Scanner v20071014.68
    Run by charlotte on 2008-07-11 23:14:58
    Computer is in Normal Mode.
    --------------------------------------------------------------------------------

    -- System Restore --------------------------------------------------------------

    Successfully created a Deckard's System Scanner Restore Point.

    -- Last 5 Restore Point(s) --
    55: 2008-07-11 21:15:09 UTC - RP342 - Deckard's System Scanner Restore Point
    54: 2008-07-11 10:23:32 UTC - RP341 - Point de vérification système
    53: 2008-07-10 10:18:02 UTC - RP340 - Software Distribution Service 3.0
    52: 2008-07-08 18:13:25 UTC - RP339 - Point de vérification système
    51: 2008-07-07 14:37:55 UTC - RP338 - Point de vérification système

    -- First Restore Point --
    1: 2008-04-13 19:39:27 UTC - RP288 - Point de vérification système

    Backed up registry hives.
    Performed disk cleanup.

    [color=red]Total Physical Memory: 447 MiB (512 MiB recommended)./color

    -- HijackThis (run as charlotte.exe) -------------------------------------------

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:17:45, on 11/07/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ltmoh\Ltmoh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\ZoomingHook.exe
    C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\ddwmon.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\WINDOWS\vVX1000.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFXFER.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\charlotte\Bureau\dss.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\charlotte.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [DDWMon] C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\DASH LOAD.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [the load] C:\DOCUME~1\CHARLO~1\APPLIC~1\FUNKHE~1\Hold base.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll (file missing)
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb125\Dealio.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    0
  7. Utilisateur anonyme
     
    Re ,

    Tu as été victime de l'adware LOP.

    Il s'installe le + couramment en acceptant les sponsors d'MSN+ , ou via d'autres programmes ...

    J'analyse et je revient.

    a+

    0
  8. Utilisateur anonyme
     
    Re ,

    ● Désactiver le TeaTimer de Spybot S&D :
    ● Lance Spybot S&D:
    ● Dans le menu, clic sur "Mode" > Choisis le Mode avançé
    ● Dans la colonne de gauche clic sur la rubrique [Outils] > Résident
    ● Décoche la case devant Résident "TeaTimer"
    ● Décoche la case devant Résident "SDHelper"
    Avant de se désactiver, une fenêtre du TeaTimer va apparaitre et te demander d'accepter ou de refuser les modifications dans le registre, il faut donc accepter les modifications.
    ● Referme Spybot


    ************************************************************


    Va dans le panneau de configuration, Options régionales et linguistiques, onglet "Langues", bouton "Détails", l'onglet "Avancé", cocher la case "Arrêter les services de texte avancés".


    ************************************************************


    ● Va dans " Programme et fonctionnalité " trouve & désinstalle :

    Adobe Reader 8.1.2 - Français

    Lop S&D

    Search Settings


    ● Redémarre pour finir la désinstallation.


    ************************************************************


    /!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

    1)Télécharge OTMoveIt2 ( de Old Timer )

    2)Une fois téléchargé double-clique sur OTMoveIt2.exe pour le lancer.

    Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

    3)puis copie les lignes en gras qui se trouvent en dessous :


    [kill explorer]
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D0943516-5076-4020-A3B5-AEFAF26AB263}
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ehTray
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Alcmtr
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Zooming
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SmoothView
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Google Desktop Search
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\VX1000
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\1 mags 16 more
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\CTFMON.EXE
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\MsnMsgr
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\the load
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{E908B145-C847-4e85-B315-07E2E70DECF8}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{FB5F1910-F110-11d2-BB9E-00C04F795683}
    C:\Documents and Settings\charlotte\Menu Démarrer\Programmes\Démarrage\Lancement rapide de Microsoft Office OneNote 2003.lnk
    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{108525­a6-6222-11dc-93e5-0016e38f1022}
    C:\Program Files\Java\jre1.5.0_06
    C:\Program Files\Adobe\Reader 8.0
    C:\Lop SD
    Emptytemp
    [start explorer]


    et colle-les dans le cadre de gauche de OTMoveIt : "Paste List Of Files/Folders to Move."
    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre Results.
    clique sur Exit pour fermer.
    4) Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    5) Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même )

    /!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître , dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
    Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

    Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.


    ************************************************************



    Poste moi le rapport OtmoveIt , & fait ceci :


    Menu démarrer ► exécuter ► copie/colle le contenu du cadre ci dessous :

    "%userprofile%\bureau\dss.exe" /config

    Valide.
    Cela va ouvrir le panneau de configuration de DSS
    ► Clique sur Check All puis Scan

    3 rapports au total. (OtmoveIt , Main.txt , extra.txt )

    A++
    0
  9. Utilisateur anonyme
     
    Salut

    on a pas perdu la main a ce que je vois ....

    bon taf !!!

    -;)

    @++
    0
  10. charlotteeeee Messages postés 10 Statut Membre
     
    Merci pour ton aide.

    Je continuerai demain soir parce que je travaille demain et je vais me coucher!
    Dc a demain soir si tu es disponible!
    merci encore

    Mais deja la il y a plus de publicités qui s'affichent!
    0
  11. Utilisateur anonyme
     
    Re ,

    Salut Chiqui' , nan j'essaye de pas perdre la main :)

    charlotteeeee,

    De rien pour l'aide.

    A demain.

    A++

    0